Q: 5
Refer to the exhibit: 
R1 is connected to two service providers and is under a DDoS attack Which statement about this design is true if uRPF in strict mode is configured on both interfaces'?
Options
Discussion
D imo
D
C is off, it's D. Strict uRPF drops if the FIB exit doesn't match ingress interface.
Why not C if the null route is used as a blackhole during mitigation? Anyone validate that?
Probably D, because strict uRPF drops anything not following the exact expected return path. A is a common distractor here.
C tbh
Why not C here? Strict mode checks the source interface, not just null routes, so C feels like a decoy.
D , strict uRPF drops packets if they come in on an interface that's not the return path from the FIB. C is tempting but it's more about null routes, not interface checking. Seen similar wording in SPCOR prep-D matches what Cisco expects. Correct me if I'm missing something.
C/D? Strict mode uRPF means the FIB has to match incoming interface for source, so D lines up, but some people get tripped up by C because of null routes. Pretty sure it's D, feel free to disagree though.
Nah, C is a distractor here, strict uRPF kicks in as described in D.
Be respectful. No spam.
